Getting Network Captures on Windows CE
A few weeks ago I wrote about the telnet server, which is a very useful utility. Now I'll talk about another handy debugging tool that is shipped in Platform Builder that you may not know about -- netlog.
Netlog is a packet sniffer, a la the Netmon utility on the desktop. In fact the format of the files it generates is exactly like netmon, which means you can use desktop netmon to view files later. Sorry, no packet viewer on the CE device itself - though it'd be a fun project if anyone wants to do it!
When does NetLog come in handy? There's 2 big things I use it for:
(1) Your network hub is really a switch and doesn't broadcast ethernet packets. This means that netmon running on a WinXP desktop won't be able to eavesdrop on these packets.
(2) You have a PPP connection. I don't know of an easy way to sniff these packets "over the wire". NetLog lets you see what's going on. When using PPTP (secure connection) it will save the unencrypted IP packet, not the encrypted one.
I was pleasantly surprised to see that we already document NetLog and NetLogctl. This means this blog entry is short!